Interface PasswordEncoder
-
- All Known Implementing Classes:
AbstractJAASPasswordEncoder
,PlainTextPasswordEncoder
,SHA1PasswordEncoder
,SHA256PasswordEncoder
public interface PasswordEncoder
Interface for performing authentication operations on a password.
Javadoc about encoding and salts copied from Acegi Security.
- Author:
- colin sampaleanu, Joakim Erdfelt
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description String
encodePassword(String rawPass)
Encodes the specified raw password with an implementation specific algorithm, using the system wide salt.String
encodePassword(String rawPass, Object salt)
Encodes the specified raw password with an implementation specific algorithm, using user specific salt.boolean
isPasswordValid(String encPass, String rawPass)
Validates a specified "raw" password against an encoded password, using the system wide salt.boolean
isPasswordValid(String encPass, String rawPass, Object salt)
Validates a specified "raw" password against an encoded password, using a user specific salt.void
setSystemSalt(Object salt)
Sets the system wide salt to use in the encoder.
-
-
-
Method Detail
-
setSystemSalt
void setSystemSalt(Object salt)
Sets the system wide salt to use in the encoder.
The specified salt will potentially be used by the implementation to "salt" the initial value before encoding. A salt is usually a user-specific value which is added to the password before the digest is computed. This means that computation of digests for common dictionary words will be different than those in the backend store, because the dictionary word digests will not reflect the addition of the salt. If a per-user salt is used (rather than a system-wide salt), it also means users with the same password will have different digest encoded passwords in the backend store.
- Parameters:
salt
- the salt to use as a default for the encoder.
-
encodePassword
String encodePassword(String rawPass)
Encodes the specified raw password with an implementation specific algorithm, using the system wide salt.
This will generally be a one-way message digest such as MD5 or SHA, but may also be a plaintext variant which does no encoding at all, but rather returns the same password it was fed. The latter is useful to plug in when the original password must be stored as-is.
- Parameters:
rawPass
- the password to encode- Returns:
- encoded password
-
encodePassword
String encodePassword(String rawPass, Object salt)
Encodes the specified raw password with an implementation specific algorithm, using user specific salt.
This will generally be a one-way message digest such as MD5 or SHA, but may also be a plaintext variant which does no encoding at all, but rather returns the same password it was fed. The latter is useful to plug in when the original password must be stored as-is.
The specified salt will potentially be used by the implementation to "salt" the initial value before encoding. A salt is usually a user-specific value which is added to the password before the digest is computed. This means that computation of digests for common dictionary words will be different than those in the backend store, because the dictionary word digests will not reflect the addition of the salt. If a per-user salt is used (rather than a system-wide salt), it also means users with the same password will have different digest encoded passwords in the backend store.
- Parameters:
rawPass
- the password to encodesalt
- optionally used by the implementation to "salt" the raw password before encoding. Anull
value is legal.- Returns:
- encoded password
-
isPasswordValid
boolean isPasswordValid(String encPass, String rawPass)
Validates a specified "raw" password against an encoded password, using the system wide salt.
The encoded password should have previously been generated by
encodePassword(String)
. This method will encode therawPass
(using the system widesalt
), and then compared it with the presentedencPass
.For an explanation of salts, please refer to
setSystemSalt(Object)
.- Parameters:
encPass
- a pre-encoded passwordrawPass
- a raw password to encode and compare against the pre-encoded password- Returns:
- true if the password is valid , false otherwise
-
isPasswordValid
boolean isPasswordValid(String encPass, String rawPass, Object salt)
Validates a specified "raw" password against an encoded password, using a user specific salt.
The encoded password should have previously been generated by
encodePassword(String, Object)
. This method will encode therawPass
(using the optionalsalt
), and then compared it with the presentedencPass
.For a discussion of salts, please refer to
encodePassword(String, Object)
.- Parameters:
encPass
- a pre-encoded passwordrawPass
- a raw password to encode and compare against the pre-encoded passwordsalt
- optionally used by the implementation to "salt" the raw password before encoding. Anull
value is legal.- Returns:
- true if the password is valid , false otherwise
-
-